Monday, January 25, 2016

HTTPS Bicycle Attack - Obtaining Passwords From TLS Encrypted Browser Requests

A paper detailing a new attack vector on TLS was released on December 30. The attack, known as the HTTPS Bicycle Attack, is able to determine the length of specific parts of the plaintext data underneath captured TLS packets, using a side channel combined with information that is already known. The attack has a few prerequisites but could be applied in a real-world scenario, and it is completely undetectable due to its passive nature.

Executive Summary

The HTTPS Bicycle attack can result in the length of personal and secret data being exposed from a packet capture of a user's HTTPS traffic. For example, the length of passwords and other data (such as GPS co-ordinates) can be determined simply by analysing the lengths of the encrypted traffic.

Some of the key observations of this attack are as follows:
  • Requires a packet capture containing HTTPS (TLS) traffic from a browser to a website
  • The TLS traffic must use a stream-based cipher
  • Can reveal the lengths of unknown data as long as the length of the rest of the data is known - this includes passwords, GPS data and IP addresses
  • Packet captures from several years ago could be vulnerable to this attack, with no mitigation possible
  • The real-world impact is unknown, as there are several prerequisites that may be hard to fulfill.

This leads us into interesting discussions on the resilience of passwords as an authentication method. First, we will explain how the attack works.
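To make the length side channel described above concrete, here is an added Python illustration (not from the paper or the original post) that models a stream-cipher TLS record as plaintext length plus a MAC tag, shows how a passive observer who knows everything in a login request except the password recovers the password length, and shows how padding the plaintext to a fixed bucket removes that certainty. The request format, host name, MAC length and bucket size are all constructed assumptions for the example.

```python
# Added example: length leakage of a stream-cipher TLS record and the padding mitigation.
# Assumption: with a stream cipher a record payload is plaintext + MAC, with no padding,
# so the ciphertext length reveals the plaintext length exactly.
MAC_LEN = 20  # e.g. HMAC-SHA1 tag length (assumed for the example)


def build_login_request(username: str, password: str) -> bytes:
    """Constructed HTTP POST a browser might send; only the password is unknown."""
    body = f"user={username}&pass={password}"
    return (
        "POST /login HTTP/1.1\r\n"
        "Host: example.test\r\n"            # constructed host
        f"Content-Length: {len(body)}\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        "\r\n" + body
    ).encode()


def stream_cipher_record_len(plaintext: bytes) -> int:
    """Model of a stream-cipher record: no padding, so length = plaintext + MAC."""
    return len(plaintext) + MAC_LEN


def infer_password_len(record_len: int, username: str, max_len: int = 256):
    """What a passive observer can compute: the single password length whose request
    matches the observed record length (searching also absorbs Content-Length digit changes)."""
    target = record_len - MAC_LEN
    for n in range(max_len + 1):
        if len(build_login_request(username, "x" * n)) == target:
            return n
    return None


def padded_record_len(plaintext: bytes, block: int = 256) -> int:
    """Mitigation: pad plaintext up to a multiple of `block` bytes before encrypting,
    so only the padded bucket is visible on the wire."""
    padded = -(-len(plaintext) // block) * block
    return padded + MAC_LEN


def candidate_password_lens(padded_len: int, username: str, block: int = 256, max_len: int = 256):
    """With padding, the observer is left with a whole bucket of plausible lengths."""
    return [n for n in range(max_len + 1)
            if padded_record_len(build_login_request(username, "x" * n), block) == padded_len]


if __name__ == "__main__":
    req = build_login_request("alice", "correct horse")          # 13-character password
    print("stream cipher leaks:", infer_password_len(stream_cipher_record_len(req), "alice"))
    print("padded candidates:", len(candidate_password_lens(padded_record_len(req), "alice")))
```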

You can keep up to date with the discussion of HTTPS Bicycle on Reddit at
